Forums

Resolved
0 votes
Hi, i have a issue with contentfilter banedsites.
i have baned facebook.com thats working without https
when i try https://www.facebook.com it is not working.

The same also with virusfilter, thats working with http downloads but https downloads are not blokked.

Mvh Steffen Schulze IT-arkitekt
Tuesday, February 27 2018, 11:27 AM
Share this post:
Responses (7)
  • Accepted Answer

    Tuesday, February 27 2018, 11:50 AM - #Permalink
    Resolved
    0 votes
    Hi Steffen,
    I think the problem is that https traffic is encrypted between the browser and the endpoint which means the server can't see its content to inspect it. For the content filter the way round it is to use the proxy in non-transparent mode. I don't know how to get round it with the virus filter.
    The reply is currently minimized Show
  • Accepted Answer

    Tuesday, February 27 2018, 11:59 AM - #Permalink
    Resolved
    0 votes
    in the contentfilter: when i ban a site, so i think its banned http and https. but only http is working, thats not correct.
    The reply is currently minimized Show
  • Accepted Answer

    Tuesday, February 27 2018, 12:00 PM - #Permalink
    Resolved
    0 votes
    in the virysfilter have i enabled block enkryptet files, when you go to eicar.org and you download the testfile can you see the issue
    The reply is currently minimized Show
  • Accepted Answer

    Tuesday, February 27 2018, 12:42 PM - #Permalink
    Resolved
    0 votes
    Hi Steffen,
    The Eicar file is not encrypted when you download the file by https. It is the whole https transaction which is encrypted so I would not expect the scanner on the server to be able to break into the https stream to scan the file. That is the advantage of a Desktop AV solution as it comes after the https transaction.

    re the content filter, please see this doc.
    The reply is currently minimized Show
  • Accepted Answer

    Tuesday, February 27 2018, 12:54 PM - #Permalink
    Resolved
    0 votes
    Hi Nick, hm yes thats totaly correct :-) . OK and what is the site block issue ? Can i not block a https site ?
    The reply is currently minimized Show
  • Accepted Answer

    Tuesday, February 27 2018, 01:10 PM - #Permalink
    Resolved
    0 votes
    If you don't want to set up non-transparent mode, you have two other alternatives with ClearOS.

    1. Gateway Management
    2. Application Blocker.

    B
    The reply is currently minimized Show
  • Accepted Answer

    Tuesday, February 27 2018, 01:35 PM - #Permalink
    Resolved
    0 votes
    OK i try to setup this on my testsystem
    That issue is on a production system from a client.
    So i am writing back tomorow
    The reply is currently minimized Show
Your Reply